User Tools
сервис_tacacs
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
сервис_tacacs [2022/03/05 12:00] val [Docker] |
сервис_tacacs [2025/04/26 10:17] (current) val [Docker] |
||
|---|---|---|---|
| Line 12: | Line 12: | ||
| </code> | </code> | ||
| - | ==== Docker ==== | + | ==== Docker образ ==== |
| * [[https://www.nixcraft.com/t/ubuntu-server-20-04-installing-tacacs/3452|Ubuntu Server 20.04 Installing TACACS+]] | * [[https://www.nixcraft.com/t/ubuntu-server-20-04-installing-tacacs/3452|Ubuntu Server 20.04 Installing TACACS+]] | ||
| * [[Технология Docker]] | * [[Технология Docker]] | ||
| * [[https://hub.docker.com/r/lfkeitel/tacacs_plus|TACACS+ Docker Image]] | * [[https://hub.docker.com/r/lfkeitel/tacacs_plus|TACACS+ Docker Image]] | ||
| + | |||
| + | !!! Можно использовать базовый ораз | ||
| <code> | <code> | ||
| Line 28: | Line 30: | ||
| RUN printf "%s\n%s" '#!/bin/sh' "/usr/local/bin/tac_plus -G -C /etc/tacacs/tac_plus.conf" > /start.sh && chmod +x /start.sh | RUN printf "%s\n%s" '#!/bin/sh' "/usr/local/bin/tac_plus -G -C /etc/tacacs/tac_plus.conf" > /start.sh && chmod +x /start.sh | ||
| + | #RUN echo -e '#!/bin/sh\n/usr/local/bin/tac_plus -G -C /etc/tacacs/tac_plus.conf' > /start.sh && chmod +x /start.sh | ||
| ENTRYPOINT ["/start.sh"] | ENTRYPOINT ["/start.sh"] | ||
| Line 33: | Line 36: | ||
| # docker build -t corp/tacacs_server . | # docker build -t corp/tacacs_server . | ||
| - | # docker run --name tacacs_server -d -p 49:49 -v /etc/tacacs/:/etc/tacacs/ -v /var/log/:/var/log/ corp/tacacs_server | + | # mkdir /etc/tacacs+/ |
| - | + | ||
| - | # docker update --restart=always tacacs_server | + | |
| </code> | </code> | ||
| + | |||
| ===== Настройка ===== | ===== Настройка ===== | ||
| Line 70: | Line 72: | ||
| ===== Запуск ===== | ===== Запуск ===== | ||
| + | * [[https://manpages.ubuntu.com/manpages/trusty/man8/tac_plus.8.html]] | ||
| ==== Ubuntu/Debian ==== | ==== Ubuntu/Debian ==== | ||
| <code> | <code> | ||
| # service tacacs_plus restart | # service tacacs_plus restart | ||
| + | </code> | ||
| + | |||
| + | ==== Docker ==== | ||
| + | <code> | ||
| + | # docker run --name tacacs_server -d -p 49:49 -v /etc/tacacs+/:/etc/tacacs/ -v /var/log/:/var/log/ --restart=always corp/tacacs_server | ||
| + | |||
| + | либо, из базового образа (-d не работает, выводит максимальный debug) | ||
| + | |||
| + | |||
| + | # docker run -d --name tacacs_server -p 49:49 -v /etc/tacacs+/:/etc/tacacs/ -v /var/log/:/var/log/ --restart=always openswitch/tacacs_server /usr/local/bin/tac_plus -G -C /etc/tacacs/tac_plus.conf -d 65536 | ||
| + | или | ||
| + | # docker run -d --name tacacs_server -p 49:49 -v /etc/tacacs+/:/etc/tacacs/ -v /var/log/:/var/log/ --entrypoint /usr/local/bin/tac_plus --restart=always openswitch/tacacs_server -G -C /etc/tacacs/tac_plus.conf -d 65536 | ||
| </code> | </code> | ||
| ===== Мониторинг ===== | ===== Мониторинг ===== | ||
| + | |||
| <code> | <code> | ||
| + | !!! Файл появится в результате действий пользователя в CLI | ||
| # tail -f /var/log/tac_plus.acct | # tail -f /var/log/tac_plus.acct | ||
| + | |||
| + | # tail -f /var/log/tac_plus.log | ||
| + | ... | ||
| + | все пароли | ||
| + | ... | ||
| + | |||
| + | все, что нужно, есть в tac_plus.acct | ||
| + | # rm /var/log/tac_plus.log; ln -s /dev/null /var/log/tac_plus.log | ||
| </code> | </code> | ||
сервис_tacacs.1646470858.txt.gz · Last modified: 2022/03/05 12:00 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
